Hello - new user here; this may be an obvious question but I haven't been able to find the answer. Ultimately, this may just highlight some of the problems inherent in a hierarchical trust model.
I've got a free x.509 email certificate generated by Comodo. I've got Ubuntu 16.04 LTS running a clean install, with gpg and gpgsm 2.1.11 installed. I imported my certificate into my keychain using gpgsm a day or two ago, and everything is working as expected - the certificate is successfully validated, and I'm able to encrypt files using the public key of this certificate, and decrypt them using the private key. I've also got a Windows 10 machine - this computer had GPG4Win installed for some time, but I've since uninstalled that, and removed all configuration directories/files I could find. I've installed GnuPG binary version 2.1.11, and I've been able to successfully import my certificate into my keychain this morning, and everything seems to work as expected - but the certificate is not successfully validated under Windows. As a result, I'm not able to encrypt anything using the public key of this certificate. I'm trying to figure out what is going on - it appears that there is problem validating the CRL available at the DP listed in my certificate regardless of whether I run the fetch-url from Ubuntu or Windows - both output files are attached. Does this suggest a problem with the CRL that the CA has published, or do I have something I need to adjust in my configs somewhere? At the same time, I'm curious as to why the Ubuntu installation is validating the certificate as 'good' while the Windows installation is not - is this just because the Ubuntu installation was able to successfully validate the certificate in the past (presumably when a previous and non-problematic CRL was published)? If the CA publishes an updated CRL that doesn't have issues, will my Windows installation be able to validate the certificate at that point? I've replaced all the email addresses in the attached files with 'u...@domain.com'. I appreciate any assistance you might be able to provide. Thank you, Dave
dave@dave-VirtualBox:~/.gnupg/crls.d$ dirmngr --debug-all --fetch-crl http://crl.comodoca.com/COMODOSHA256ClientAuthenticationandSecureEmailCA.crl dirmngr[3184.0]: Note: no default option file '/home/dave/.gnupg/dirmngr.conf' dirmngr[3184.0]: enabled debug flags: x509 crypto memory cache memstat hashing ipc lookup dirmngr[3184.0]: permanently loaded certificates: 0 dirmngr[3184.0]: runtime cached certificates: 0 dirmngr[3184.0]: RESP: 'HTTP/1.1 200 OK' dirmngr[3184.0]: RESP: 'Date: Mon, 20 Feb 2017 13:32:34 GMT' dirmngr[3184.0]: RESP: 'Content-Type: application/x-pkcs7-crl' dirmngr[3184.0]: RESP: 'Connection: close' dirmngr[3184.0]: RESP: 'Set-Cookie: __cfduid=dba16ddf7e3474878a3bb0d6b4d273e9f1487597554; expires=Tue, 20-Feb-18 13:32:34 GMT; path=/; domain=.comodoca.com; HttpOnly' dirmngr[3184.0]: RESP: 'Last-Modified: Sun, 19 Feb 2017 16:58:28 GMT' dirmngr[3184.0]: RESP: 'ETag: W/"58a9ceb4-efab2"' dirmngr[3184.0]: RESP: 'X-CCACDN-Mirror-ID: dwdccacrl10' dirmngr[3184.0]: RESP: 'Cache-Control: public, max-age=14400' dirmngr[3184.0]: RESP: 'CF-Cache-Status: HIT' dirmngr[3184.0]: RESP: 'Expires: Mon, 20 Feb 2017 17:32:34 GMT' dirmngr[3184.0]: RESP: 'Server: cloudflare-nginx' dirmngr[3184.0]: RESP: 'CF-RAY: 334253495461246e-IAD' dirmngr[3184.0]: RESP: '' dirmngr[3184.0]: update times of this CRL: this=20170219T165828 next=20170223T165828 dirmngr[3184.0]: locating CRL issuer certificate by authorityKeyIdentifier dirmngr[3184.0]: DBG: find_cert_bysubject: certificate not in cache dirmngr[3184.0]: DBG: get_cert_local_ski called w/o context dirmngr[3184.0]: DBG: find_cert_bysubject: certificate not returned by caller - doing lookup dirmngr[3184.0]: error fetching certificate by subject: Configuration error dirmngr[3184.0]: CRL issuer certificate {92616B82E1A2A0AA4FEC67F1C2A3F7B48000C1EC} not found dirmngr[3184.0]: crl_parse_insert failed: Missing certificate dirmngr[3184.0]: processing CRL from 'http://crl.comodoca.com/COMODOSHA256ClientAuthenticationandSecureEmailCA.crl' failed: Missing certificate
dave@dave-VirtualBox:~/.gnupg/crls.d$ gpgsm --debug-all --list-keys
--with-validation
gpgsm: reading options from '/home/dave/.gnupg/gpgsm.conf'
gpgsm: enabled debug flags: x509 mpi crypto memory cache memstat hashing ipc
gpgsm: failed to open '/home/dave/.gnupg/policies.txt': No such file or
directory
gpgsm: DBG: looking for parent certificate
gpgsm: DBG: found via authid and keyid
gpgsm: DBG: got issuer's certificate:
gpgsm: DBG: BEGIN Certificate 'issuer':
gpgsm: DBG: serial: 01
gpgsm: DBG: notBefore: 2000-05-30 10:48:38
gpgsm: DBG: notAfter: 2020-05-30 10:48:38
gpgsm: DBG: issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP
Network,O=AddTrust AB,C=SE
gpgsm: DBG: subject: CN=AddTrust External CA Root,OU=AddTrust External TTP
Network,O=AddTrust AB,C=SE
gpgsm: DBG: hash algo: 1.2.840.113549.1.1.5
gpgsm: DBG: SHA1 Fingerprint:
02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
gpgsm: DBG: END Certificate
gpgsm: DBG: signature value: 28 37 3A 73 69 67 2D 76 61 6C 28 33 3A 72 73 61 28
31 3A 73 32 35 36 3A 1B 2A 6E AC 55 C1 3A AB 88 C5 D8 ED CD 55 F3 AA 6B 61 2B
C0 09 10 23 99 0F C5 66 6A 6F B1 F5 B4 B5 77 5E 0F 02 61 00 DF 7D 05 FE 12 B3
A4 80 80 00 FC FB 1D 5B 6A 72 02 0A 41 BC 05 BA C1 58 D5 26 C2 EA D5 4D 84 FB
FE 82 98 CF 58 1B E3 22 63 9C 52 F8 BB 05 36 AB 7D 58 A5 DE AB 3B 63 E5 DA D5
73 EF EC E0 FB 7B E2 A3 FF F0 42 23 9C CA B6 8D 4D 3E E4 4B 18 03 B2 A8 2D D4
D8 BB 42 4B 90 69 85 10 DB A6 37 34 E8 7B E0 01 10 A5 9C CA 3A C7 9F 4F 88 34
6E 8A 65 D0 1A 8A BB A9 DC CA CA 36 D1 F4 FC C2 64 29 35 AF D6 B1 A7 71 11 D2
03 43 B1 8F 3E 9A EC 9E 32 53 F4 76 92 CA 86 34 07 B9 2C CA E6 1C 4A D8 99 0D
C1 86 E2 90 92 FB 5A 42 6A 23 21 10 E9 65 C7 F5 D5 BB 7E EA 8C 85 20 02 62 EA
D1 3A 07 2C 59 C5 99 33 F2 38 89 E5 B6 E9 16 7A 1F 79 14 F6 4A 10 1A 26 FA 7C
8A FB 9B 29 29 28 34 3A 68 61 73 68 36 3A 73 68 61 32 35 36 29 29
gpgsm: DBG: encoded hash: 00 01 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF 00 30 31 30 0D 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 69 72
4F 59 E4 41 04 2E 57 84 2A 9B 9E 78 AA 7D E9 9A 55 53 22 C1 A0 55 20 ED A0 F0
B0 3E 00 8A
DBG: rsa_verify
data:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffff003031300d06096086480165030402010500042069 \
DBG:
724f59e441042e57842a9b9e78aa7de99a555322c1a05520eda0f0b03e008a
DBG: rsa_verify
sig:+1b2a6eac55c13aab88c5d8edcd55f3aa6b612bc0091023990fc5666a6fb1f5b4 \
DBG:
b5775e0f026100df7d05fe12b3a4808000fcfb1d5b6a72020a41bc05bac158d5 \
DBG:
26c2ead54d84fbfe8298cf581be322639c52f8bb0536ab7d58a5deab3b63e5da \
DBG:
d573efece0fb7be2a3fff042239ccab68d4d3ee44b1803b2a82dd4d8bb424b90 \
DBG:
698510dba63734e87be00110a59cca3ac79f4f88346e8a65d01a8abba9dccaca \
DBG:
36d1f4fcc2642935afd6b1a77111d20343b18f3e9aec9e3253f47692ca863407 \
DBG:
b92ccae61c4ad8990dc186e29092fb5a426a232110e965c7f5d5bb7eea8c8520 \
DBG:
0262ead13a072c59c59933f23889e5b6e9167a1f7914f64a101a26fa7c8afb9b
DBG: rsa_verify
n:+b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c \
DBG:
7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8ca \
DBG:
bf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c \
DBG:
0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38 \
DBG:
078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44 \
DBG:
e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db \
DBG:
14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7 \
DBG:
a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a27
DBG: rsa_verify e:+010001
DBG: rsa_verify
cmp:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffff003031300d06096086480165030402010500042069 \
DBG:
724f59e441042e57842a9b9e78aa7de99a555322c1a05520eda0f0b03e008a
DBG: rsa_verify => Good
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: DBG: chan_5 <- # Home: /home/dave/.gnupg
gpgsm: DBG: chan_5 <- # Config: [none]
gpgsm: DBG: chan_5 <- OK Dirmngr 2.1.11 at your service
gpgsm: DBG: chan_6 <- # Home: /home/dave/.gnupg
gpgsm: DBG: chan_6 <- # Config: [none]
gpgsm: DBG: chan_6 <- OK Dirmngr 2.1.11 at your service
gpgsm: DBG: connection to the dirmngr established
gpgsm: DBG: chan_6 -> GETINFO version
gpgsm: DBG: chan_6 <- D 2.1.11
gpgsm: DBG: chan_6 <- OK
gpgsm: DBG: chan_6 -> OPTION audit-events=1
gpgsm: DBG: chan_6 <- OK
gpgsm: DBG: chan_6 -> ISVALID
14673DA5792E145E9FA1425F9EF3BFC1C4B4957C.00E023CB1512835389AD616E7A54676B21
gpgsm: DBG: chan_6 <- INQUIRE ISTRUSTED 02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_7 <- OK Pleased to meet you, process 2956
gpgsm: DBG: connection to agent established
gpgsm: DBG: chan_7 -> RESET
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> OPTION ttyname=/dev/pts/2
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> OPTION ttytype=xterm-256color
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> OPTION display=:0
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> OPTION xauthority=/home/dave/.Xauthority
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> OPTION putenv=XMODIFIERS=@im=ibus
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> OPTION putenv=GTK_IM_MODULE=ibus
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> OPTION
putenv=DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-wJKywZtiPz
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> OPTION putenv=QT_IM_MODULE=ibus
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> OPTION lc-ctype=en_US.UTF-8
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> OPTION lc-messages=en_US.UTF-8
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> GETINFO version
gpgsm: DBG: chan_7 <- D 2.1.11
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> OPTION allow-pinentry-notify
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> ISTRUSTED 02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_7 <- S TRUSTLISTFLAG relax
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_6 -> D 1
gpgsm: DBG: chan_6 -> END
gpgsm: DBG: chan_6 <- OK
gpgsm: DBG: chan_7 -> ISTRUSTED 02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_7 <- S TRUSTLISTFLAG relax
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_7 -> ISTRUSTED 02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_7 <- S TRUSTLISTFLAG relax
gpgsm: DBG: chan_7 <- OK
gpgsm: failed to open '/home/dave/.gnupg/policies.txt': No such file or
directory
gpgsm: DBG: looking for parent certificate
gpgsm: DBG: found via authid and keyid
gpgsm: DBG: got issuer's certificate:
gpgsm: DBG: BEGIN Certificate 'issuer':
gpgsm: DBG: serial: 00E023CB1512835389AD616E7A54676B21
gpgsm: DBG: notBefore: 2014-12-22 00:00:00
gpgsm: DBG: notAfter: 2020-05-30 10:48:38
gpgsm: DBG: issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP
Network,O=AddTrust AB,C=SE
gpgsm: DBG: subject: CN=COMODO SHA-256 Client Authentication and Secure
Email CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
gpgsm: DBG: hash algo: 1.2.840.113549.1.1.11
gpgsm: DBG: SHA1 Fingerprint:
59:B8:25:FC:08:86:0B:04:B3:92:CC:25:FE:C4:8C:76:07:53:B6:89
gpgsm: DBG: END Certificate
gpgsm: DBG: signature value: 28 37 3A 73 69 67 2D 76 61 6C 28 33 3A 72 73 61 28
31 3A 73 32 35 36 3A 52 A8 1C AC FA 1E 95 57 05 89 78 CA 7A 65 78 AF D3 95 67
07 45 DE 63 7D C8 AD A9 9E CD C0 75 59 55 13 B5 B5 C4 F8 81 68 BA D2 91 25 49
2E 84 E2 6D 87 1D 96 E0 A5 89 C6 80 34 74 CB D0 F3 BF 00 3A 47 A0 FE BF A0 0F
9C 78 93 2A 94 FF 94 CD B7 BB 14 26 D9 35 10 24 59 2E 39 3E F0 CB 52 F8 B1 26
EC D3 80 1D 94 83 70 21 60 8D 70 90 C2 57 7F E4 48 62 F8 8D F3 3D F7 AD C3 EC
F6 AF 63 E4 17 FB B8 A6 63 F4 A8 6A 2B 7F 48 83 D7 79 E7 AC 53 5B 2B D2 EB 4F
9F 3B DA 36 D2 CA 4D 5D AA FD 05 16 BD 2C 37 71 95 86 34 EA 8E D1 6A 61 87 18
5A EA 35 C6 B3 0E B8 08 6A E0 D5 95 37 98 BC A8 4F 7C EE 42 3C B7 B4 DD 37 C0
1C EA 45 37 03 03 20 AF 1C 14 CA 62 60 11 CA FD 7B 06 05 02 37 55 F9 18 6E 8F
5B C6 0E 5A C3 B4 E9 7A BF 38 A9 D8 90 D0 4F 89 DF 67 41 A5 86 5E C5 8F A2 AF
B3 FF 74 29 29 28 34 3A 68 61 73 68 36 3A 73 68 61 32 35 36 29 29
gpgsm: DBG: encoded hash: 00 01 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF 00 30 31 30 0D 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 31 FB
01 7E 8E CA 59 1E EE 26 5F 91 5C F3 12 E5 0D 10 9F 61 D3 4E 33 E3 62 9B 4F 4D
36 83 09 2D
DBG: rsa_verify
data:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffff003031300d06096086480165030402010500042031 \
DBG:
fb017e8eca591eee265f915cf312e50d109f61d34e33e3629b4f4d3683092d
DBG: rsa_verify
sig:+52a81cacfa1e9557058978ca7a6578afd395670745de637dc8ada99ecdc07559 \
DBG:
5513b5b5c4f88168bad29125492e84e26d871d96e0a589c6803474cbd0f3bf00 \
DBG:
3a47a0febfa00f9c78932a94ff94cdb7bb1426d9351024592e393ef0cb52f8b1 \
DBG:
26ecd3801d94837021608d7090c2577fe44862f88df33df7adc3ecf6af63e417 \
DBG:
fbb8a663f4a86a2b7f4883d779e7ac535b2bd2eb4f9f3bda36d2ca4d5daafd05 \
DBG:
16bd2c3771958634ea8ed16a6187185aea35c6b30eb8086ae0d5953798bca84f \
DBG:
7cee423cb7b4dd37c01cea4537030320af1c14ca626011cafd7b0605023755f9 \
DBG:
186e8f5bc60e5ac3b4e97abf38a9d890d04f89df6741a5865ec58fa2afb3ff74
DBG: rsa_verify
n:+89b10dda7a53194e70521dbc56a60626b7b849e096e751abf1f05a134915a3b4 \
DBG:
8c1b60bc7a5142a7798ca422df17614e91d576230a14d34a027fb61d09806ea5 \
DBG:
043dd9babb16fea187a92e435243167caf3250c8a64f5ae908d8cf93259c7b88 \
DBG:
e83064e6a4f85680fd2a2414331799ac44e5698ba346064bc233d4e9409f06b0 \
DBG:
b1ac9340b9b508933a9c2a53a310db3d20613c55038ed94e7625022129faa37c \
DBG:
71764feee15f81e9fb5480dbc37b3552b784de223d2c302d317f59bd5237b033 \
DBG:
692d43ebfad6a5f1977767518cd9ee27ebbca50738768ca4a938ffdf8cf503ac \
DBG:
49becaf773993a0f32ab9c953a133d0e463a57746150bec6403fcbe4e29fa221
DBG: rsa_verify e:+010001
DBG: rsa_verify
cmp:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffff003031300d06096086480165030402010500042031 \
DBG:
fb017e8eca591eee265f915cf312e50d109f61d34e33e3629b4f4d3683092d
DBG: rsa_verify => Good
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: DBG: chan_6 -> ISVALID
685A02B9E2BD4B5EE1FA51739B8882AEA38FB3C8.3FAADAD7DD3F946B114321153B76F88C
gpgsm: DBG: chan_6 <- INQUIRE ISTRUSTED 02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_7 -> ISTRUSTED 02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_7 <- S TRUSTLISTFLAG relax
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_6 -> D 1
gpgsm: DBG: chan_6 -> END
gpgsm: DBG: chan_6 <- OK
gpgsm: failed to open '/home/dave/.gnupg/policies.txt': No such file or
directory
gpgsm: DBG: looking for parent certificate
gpgsm: DBG: found via authid and keyid
gpgsm: DBG: got issuer's certificate:
gpgsm: DBG: BEGIN Certificate 'issuer':
gpgsm: DBG: serial: 01
gpgsm: DBG: notBefore: 2000-05-30 10:48:38
gpgsm: DBG: notAfter: 2020-05-30 10:48:38
gpgsm: DBG: issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP
Network,O=AddTrust AB,C=SE
gpgsm: DBG: subject: CN=AddTrust External CA Root,OU=AddTrust External TTP
Network,O=AddTrust AB,C=SE
gpgsm: DBG: hash algo: 1.2.840.113549.1.1.5
gpgsm: DBG: SHA1 Fingerprint:
02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
gpgsm: DBG: END Certificate
gpgsm: DBG: signature value: 28 37 3A 73 69 67 2D 76 61 6C 28 33 3A 72 73 61 28
31 3A 73 32 35 36 3A 1B 2A 6E AC 55 C1 3A AB 88 C5 D8 ED CD 55 F3 AA 6B 61 2B
C0 09 10 23 99 0F C5 66 6A 6F B1 F5 B4 B5 77 5E 0F 02 61 00 DF 7D 05 FE 12 B3
A4 80 80 00 FC FB 1D 5B 6A 72 02 0A 41 BC 05 BA C1 58 D5 26 C2 EA D5 4D 84 FB
FE 82 98 CF 58 1B E3 22 63 9C 52 F8 BB 05 36 AB 7D 58 A5 DE AB 3B 63 E5 DA D5
73 EF EC E0 FB 7B E2 A3 FF F0 42 23 9C CA B6 8D 4D 3E E4 4B 18 03 B2 A8 2D D4
D8 BB 42 4B 90 69 85 10 DB A6 37 34 E8 7B E0 01 10 A5 9C CA 3A C7 9F 4F 88 34
6E 8A 65 D0 1A 8A BB A9 DC CA CA 36 D1 F4 FC C2 64 29 35 AF D6 B1 A7 71 11 D2
03 43 B1 8F 3E 9A EC 9E 32 53 F4 76 92 CA 86 34 07 B9 2C CA E6 1C 4A D8 99 0D
C1 86 E2 90 92 FB 5A 42 6A 23 21 10 E9 65 C7 F5 D5 BB 7E EA 8C 85 20 02 62 EA
D1 3A 07 2C 59 C5 99 33 F2 38 89 E5 B6 E9 16 7A 1F 79 14 F6 4A 10 1A 26 FA 7C
8A FB 9B 29 29 28 34 3A 68 61 73 68 36 3A 73 68 61 32 35 36 29 29
gpgsm: DBG: encoded hash: 00 01 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF 00 30 31 30 0D 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 69 72
4F 59 E4 41 04 2E 57 84 2A 9B 9E 78 AA 7D E9 9A 55 53 22 C1 A0 55 20 ED A0 F0
B0 3E 00 8A
DBG: rsa_verify
data:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffff003031300d06096086480165030402010500042069 \
DBG:
724f59e441042e57842a9b9e78aa7de99a555322c1a05520eda0f0b03e008a
DBG: rsa_verify
sig:+1b2a6eac55c13aab88c5d8edcd55f3aa6b612bc0091023990fc5666a6fb1f5b4 \
DBG:
b5775e0f026100df7d05fe12b3a4808000fcfb1d5b6a72020a41bc05bac158d5 \
DBG:
26c2ead54d84fbfe8298cf581be322639c52f8bb0536ab7d58a5deab3b63e5da \
DBG:
d573efece0fb7be2a3fff042239ccab68d4d3ee44b1803b2a82dd4d8bb424b90 \
DBG:
698510dba63734e87be00110a59cca3ac79f4f88346e8a65d01a8abba9dccaca \
DBG:
36d1f4fcc2642935afd6b1a77111d20343b18f3e9aec9e3253f47692ca863407 \
DBG:
b92ccae61c4ad8990dc186e29092fb5a426a232110e965c7f5d5bb7eea8c8520 \
DBG:
0262ead13a072c59c59933f23889e5b6e9167a1f7914f64a101a26fa7c8afb9b
DBG: rsa_verify
n:+b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c \
DBG:
7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8ca \
DBG:
bf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c \
DBG:
0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38 \
DBG:
078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44 \
DBG:
e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db \
DBG:
14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7 \
DBG:
a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a27
DBG: rsa_verify e:+010001
DBG: rsa_verify
cmp:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffff003031300d06096086480165030402010500042069 \
DBG:
724f59e441042e57842a9b9e78aa7de99a555322c1a05520eda0f0b03e008a
DBG: rsa_verify => Good
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: DBG: chan_6 -> ISVALID
14673DA5792E145E9FA1425F9EF3BFC1C4B4957C.00E023CB1512835389AD616E7A54676B21
gpgsm: DBG: chan_6 <- INQUIRE ISTRUSTED 02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_7 -> ISTRUSTED 02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_7 <- S TRUSTLISTFLAG relax
gpgsm: DBG: chan_7 <- OK
gpgsm: DBG: chan_6 -> D 1
gpgsm: DBG: chan_6 -> END
gpgsm: DBG: chan_6 <- OK
gpgsm: DBG: chan_7 -> ISTRUSTED 02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_7 <- S TRUSTLISTFLAG relax
gpgsm: DBG: chan_7 <- OK
/home/dave/.gnupg/pubring.kbx
-----------------------------
ID: 0x0753B689
S/N: 00E023CB1512835389AD616E7A54676B21
Issuer: /CN=AddTrust External CA Root/OU=AddTrust External TTP
Network/O=AddTrust AB/C=SE
Subject: /CN=COMODO SHA-256 Client Authentication and Secure Email
CA/O=COMODO CA Limited/L=Salford/ST=Greater Manchester/C=GB
validity: 2014-12-22 00:00:00 through 2020-05-30 10:48:38
key type: 2048 bit RSA
key usage: digitalSignature certSign crlSign
ext key usage: clientAuth (suggested), emailProtection (suggested)
policies: 2.5.29.32.0:N:
chain length: 0
fingerprint: 59:B8:25:FC:08:86:0B:04:B3:92:CC:25:FE:C4:8C:76:07:53:B6:89
[Note: non-critical certificate policy not allowed]
[validation model used: shell]
[certificate is good]
ID: 0x68851868
S/N: 01
Issuer: /CN=AddTrust External CA Root/OU=AddTrust External TTP
Network/O=AddTrust AB/C=SE
Subject: /CN=AddTrust External CA Root/OU=AddTrust External TTP
Network/O=AddTrust AB/C=SE
validity: 2000-05-30 10:48:38 through 2020-05-30 10:48:38
key type: 2048 bit RSA
key usage: certSign crlSign
chain length: unlimited
fingerprint: 02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
[validation model used: shell]
[certificate is good]
ID: 0x2F5900E9
S/N: 3FAADAD7DD3F946B114321153B76F88C
Issuer: /CN=COMODO SHA-256 Client Authentication and Secure Email
CA/O=COMODO CA Limited/L=Salford/ST=Greater Manchester/C=GB
Subject: /EMail=u...@domain.com
aka: u...@domain.com
validity: 2017-01-02 00:00:00 through 2018-01-02 23:59:59
key type: 2048 bit RSA
key usage: digitalSignature keyEncipherment
ext key usage: emailProtection (suggested), 1.3.6.1.4.1.6449.1.3.5.2 (suggested)
policies: 1.3.6.1.4.1.6449.1.2.1.1.1:N:
fingerprint: 4A:53:A9:E6:51:32:23:DF:B4:7D:B8:A3:19:F1:3E:A3:2F:59:00:E9
[Note: non-critical certificate policy not allowed]
[Note: non-critical certificate policy not allowed]
[validation model used: shell]
[certificate is good]
random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
outmix=0 getlvl1=0/0 getlvl2=0/0
secmem usage: 0/16384 bytes in 0 blocks
dave@dave-VirtualBox:~/.gnupg/crls.d$
C:\Users\dave\Downloads>dirmngr --debug-all --fetch-crl http://crl.comodoca.com/COMODOSHA256ClientAuthenticationandSecureEmailCA.crl dirmngr[6552]: reading options from 'C:\Users\dave\AppData\Roaming\gnupg\dirmngr.conf' dirmngr[6552]: enabled debug flags: x509 crypto memory cache memstat hashing ipc lookup dirmngr[6552]: permanently loaded certificates: 0 dirmngr[6552]: runtime cached certificates: 0 dirmngr[6552]: RESP: 'HTTP/1.1 200 OK' dirmngr[6552]: RESP: 'Date: Mon, 20 Feb 2017 13:28:04 GMT' dirmngr[6552]: RESP: 'Content-Type: application/x-pkcs7-crl' dirmngr[6552]: RESP: 'Connection: close' dirmngr[6552]: RESP: 'Set-Cookie: __cfduid=d9b8e7cfbff77d2efc809c8bbae9457ea1487597284; expires=Tue, 20-Feb-18 13:28:04 GMT; path=/; domain=.comodoca.com; HttpOnly' dirmngr[6552]: RESP: 'Last-Modified: Sun, 19 Feb 2017 16:58:28 GMT' dirmngr[6552]: RESP: 'ETag: W/"58a9ceb4-efab2"' dirmngr[6552]: RESP: 'X-CCACDN-Mirror-ID: dwdccacrl10' dirmngr[6552]: RESP: 'Cache-Control: public, max-age=14400' dirmngr[6552]: RESP: 'CF-Cache-Status: HIT' dirmngr[6552]: RESP: 'Expires: Mon, 20 Feb 2017 17:28:04 GMT' dirmngr[6552]: RESP: 'Server: cloudflare-nginx' dirmngr[6552]: RESP: 'CF-RAY: 33424cb2a6e656f3-IAD' dirmngr[6552]: RESP: '' dirmngr[6552]: update times of this CRL: this=20170219T165828 next=20170223T165828 dirmngr[6552]: locating CRL issuer certificate by authorityKeyIdentifier dirmngr[6552]: DBG: find_cert_bysubject: certificate not in cache dirmngr[6552]: DBG: get_cert_local_ski called w/o context dirmngr[6552]: DBG: find_cert_bysubject: certificate not returned by caller - doing lookup dirmngr[6552]: error fetching certificate by subject: Configuration error dirmngr[6552]: CRL issuer certificate {92616B82E1A2A0AA4FEC67F1C2A3F7B48000C1EC} not found dirmngr[6552]: crl_parse_insert failed: Missing certificate dirmngr[6552]: processing CRL from 'http://crl.comodoca.com/COMODOSHA256ClientAuthenticationandSecureEmailCA.crl' failed: Missing certificate C:\Users\dave\Downloads>
C:\Users\dave\Downloads>gpgsm --list-keys --with-validation --debug-all
gpgsm: Note: no default option file
'C:\Users\dave\AppData\Roaming\gnupg\gpgsm.conf'
gpgsm: enabled debug flags: x509 mpi crypto memory cache memstat hashing ipc
C:\Users\dave\AppData\Roaming\gnupg\pubring.kbx
-----------------------------------------------
ID: 0x0753B689
S/N: 00E023CB1512835389AD616E7A54676B21
Issuer: /CN=AddTrust External CA Root/OU=AddTrust External TTP
Network/O=AddTrust AB/C=SE
Subject: /CN=COMODO SHA-256 Client Authentication and Secure Email
CA/O=COMODO CA Limited/L=Salford/ST=Greater Manchester/C=GB
validity: 2014-12-22 00:00:00 through 2020-05-30 10:48:38
key type: 2048 bit RSA
key usage: digigpgsm: DBG: looking for parent certificate
gpgsm: DBG: found via authid and keyid
gpgsm: DBG: got issuer's certificate:
gpgsm: DBG: BEGIN Certificate 'issuer':
gpgsm: DBG: serial: 01
gpgsm: DBG: notBefore: 2000-05-30 10:48:38
gpgsm: DBG: notAfter: 2020-05-30 10:48:38
gpgsm: DBG: issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP
Network,O=AddTrust AB,C=SE
gpgsm: DBG: subject: CN=AddTrust External CA Root,OU=AddTrust External TTP
Network,O=AddTrust AB,C=SE
gpgsm: DBG: hash algo: 1.2.840.113549.1.1.5
gpgsm: DBG: SHA1 Fingerprint:
02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
gpgsm: DBG: END Certificate
gpgsm: DBG: signature value: 28 37 3A 73 69 67 2D 76 61 6C 28 33 3A 72 73 61 28
31 3A 73 32 35 36 3A 1B 2A 6E AC 55 C1 3A AB 88 C5 D8 ED CD 55 F3 AA 6B 61 2B
C0 09 10 23 99 0F C5 66 6A 6F B1 F5 B4 B5 77 5E 0F 02 61 00 DF 7D 05 FE 12 B3
A4 80 80 00 FC FB 1D 5B 6A 72 02 0A 41 BC 05 BA C1 58 D5 26 C2 EA D5 4D 84 FB
FE 82 98 CF 58 1B E3 22 63 9C 52 F8 BB 05 36 AB 7D 58 A5 DE AB 3B 63 E5 DA D5
73 EF EC E0 FB 7B E2 A3 FF F0 42 23 9C CA B6 8D 4D 3E E4 4B 18 03 B2 A8 2D D4
D8 BB 42 4B 90 69 85 10 DB A6 37 34 E8 7B E0 01 10 A5 9C CA 3A C7 9F 4F 88 34
6E 8A 65 D0 1A 8A BB A9 DC CA CA 36 D1 F4 FC C2 64 29 35 AF D6 B1 A7 71 11 D2
03 43 B1 8F 3E 9A EC 9E 32 53 F4 76 92 CA 86 34 07 B9 2C CA E6 1C 4A D8 99 0D
C1 86 E2 90 92 FB 5A 42 6A 23 21 10 E9 65 C7 F5 D5 BB 7E EA 8C 85 20 02 62 EA
D1 3A 07 2C 59 C5 99 33 F2 38 89 E5 B6 E9 16 7A 1F 79 14 F6 4A 10 1A 26 FA 7C
8A FB 9B 29 29 28 34 3A 68 61 73 68 36 3A 73 68 61 32 35 36 29 29
gpgsm: DBG: encoded hash: 00 01 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF 00 30 31 30 0D 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 69 72
4F 59 E4 41 04 2E 57 84 2A 9B 9E 78 AA 7D E9 9A 55 53 22 C1 A0 55 20 ED A0 F0
B0 3E 00 8A
DBG: rsa_verify
data:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffff003031300d06096086480165030402010500042069 \
DBG:
724f59e441042e57842a9b9e78aa7de99a555322c1a05520eda0f0b03e008a
DBG: rsa_verify
sig:+1b2a6eac55c13aab88c5d8edcd55f3aa6b612bc0091023990fc5666a6fb1f5b4 \
DBG:
b5775e0f026100df7d05fe12b3a4808000fcfb1d5b6a72020a41bc05bac158d5 \
DBG:
26c2ead54d84fbfe8298cf581be322639c52f8bb0536ab7d58a5deab3b63e5da \
DBG:
d573efece0fb7be2a3fff042239ccab68d4d3ee44b1803b2a82dd4d8bb424b90 \
DBG:
698510dba63734e87be00110a59cca3ac79f4f88346e8a65d01a8abba9dccaca \
DBG:
36d1f4fcc2642935afd6b1a77111d20343b18f3e9aec9e3253f47692ca863407 \
DBG:
b92ccae61c4ad8990dc186e29092fb5a426a232110e965c7f5d5bb7eea8c8520 \
DBG:
0262ead13a072c59c59933f23889e5b6e9167a1f7914f64a101a26fa7c8afb9b
DBG: rsa_verify
n:+b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c \
DBG:
7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8ca \
DBG:
bf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c \
DBG:
0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38 \
DBG:
078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44 \
DBG:
e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db \
DBG:
14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7 \
DBG:
a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a27
DBG: rsa_verify e:+010001
DBG: rsa_verify
cmp:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffff003031300d06096086480165030402010500042069 \
DBG:
724f59e441042e57842a9b9e78aa7de99a555322c1a05520eda0f0b03e008a
DBG: rsa_verify => Good
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: DBG: chan_0x000001e0 <- # Home: C:\Users\dave\AppData\Roaming\gnupg
gpgsm: DBG: chan_0x000001e0 <- # Config:
C:\Users\dave\AppData\Roaming\gnupg\dirmngr.conf
gpgsm: DBG: chan_0x000001e0 <- OK Dirmngr 2.1.11 at your service
gpgsm: DBG: chan_0x000001c0 <- # Home: C:\Users\dave\AppData\Roaming\gnupg
gpgsm: DBG: chan_0x000001c0 <- # Config:
C:\Users\dave\AppData\Roaming\gnupg\dirmngr.conf
gpgsm: DBG: chan_0x000001c0 <- OK Dirmngr 2.1.11 at your service
gpgsm: DBG: connection to the dirmngr established
gpgsm: DBG: chan_0x000001c0 -> GETINFO version
gpgsm: DBG: chan_0x000001c0 <- D 2.1.11
gpgsm: DBG: chan_0x000001c0 <- OK
gpgsm: DBG: chan_0x000001c0 -> OPTION audit-events=1
gpgsm: DBG: chan_0x000001c0 <- OK
gpgsm: DBG: chan_0x000001c0 -> ISVALID
14673DA5792E145E9FA1425F9EF3BFC1C4B4957C.00E023CB1512835389AD616E7A54676B21
gpgsm: DBG: chan_0x000001c0 <- INQUIRE ISTRUSTED
02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_0x000001e8 <- OK Pleased to meet you
gpgsm: DBG: connection to agent established
gpgsm: DBG: chan_0x000001e8 -> RESET
gpgsm: DBG: chan_0x000001e8 <- OK
gpgsm: DBG: chan_0x000001e8 -> GETINFO version
gpgsm: DBG: chan_0x000001e8 <- D 2.1.11
gpgsm: DBG: chan_0x000001e8 <- OK
gpgsm: DBG: chan_0x000001e8 -> OPTION allow-pinentry-notify
gpgsm: DBG: chan_0x000001e8 <- OK
gpgsm: DBG: chan_0x000001e8 -> ISTRUSTED
02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_0x000001e8 <- S TRUSTLISTFLAG relax
gpgsm: DBG: chan_0x000001e8 <- OK
gpgsm: DBG: chan_0x000001c0 -> D 1
gpgsm: DBG: chan_0x000001c0 -> END
gpgsm: DBG: chan_0x000001c0 <- OK
gpgsm: DBG: chan_0x000001e8 -> ISTRUSTED
02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_0x000001e8 <- S TRUSTLISTFLAG relax
gpgsm: DBG: chan_0x000001e8 <- OK
talSignature certSign crlSign
ext key usage: clientAuth (suggested), emailProtection (suggested)
policies: 2.5.29.32.0:N:
chain length: 0
fingerprint: 59:B8:25:FC:08:86:0B:04:B3:92:CC:25:FE:C4:8C:76:07:53:B6:89
[Note: non-critical certificate policy not allowed]
[validation model used: shell]
[certificate is good]
ID: 0x68851868
S/N: 01
Issuer: /CN=AddTrust External CA Root/OU=AddTrust External TTP
Network/O=AddTrust AB/C=SE
Subject: /CN=AddTrust External CA gpgsm: DBG: chan_0x000001e8 ->
ISTRUSTED 02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_0x000001e8 <- S TRUSTLISTFLAG relax
gpgsm: DBG: chan_0x000001e8 <- OK
Root/OU=AddTrust External TTP Network/O=AddTrust AB/C=SE
validity: 2000-05-30 10:48:38 through 2020-05-30 10:48:38
key type: 2048 bit RSA
key usage: certSign crlSign
chain length: unlimited
fingerprint: 02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
[validation model used: shell]
[certificate is good]
ID: 0x2F5900E9
S/N: 3FAADAD7DD3F946B114321153B76F88C
Issuer: /CN=COMODO SHA-256 Client Authentication and Secure Email
CA/O=COMODO CA Limited/L=Sagpgsm: DBG: looking for parent certificate
gpgsm: DBG: found via authid and keyid
gpgsm: DBG: got issuer's certificate:
gpgsm: DBG: BEGIN Certificate 'issuer':
gpgsm: DBG: serial: 00E023CB1512835389AD616E7A54676B21
gpgsm: DBG: notBefore: 2014-12-22 00:00:00
gpgsm: DBG: notAfter: 2020-05-30 10:48:38
gpgsm: DBG: issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP
Network,O=AddTrust AB,C=SE
gpgsm: DBG: subject: CN=COMODO SHA-256 Client Authentication and Secure
Email CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
gpgsm: DBG: hash algo: 1.2.840.113549.1.1.11
gpgsm: DBG: SHA1 Fingerprint:
59:B8:25:FC:08:86:0B:04:B3:92:CC:25:FE:C4:8C:76:07:53:B6:89
gpgsm: DBG: END Certificate
gpgsm: DBG: signature value: 28 37 3A 73 69 67 2D 76 61 6C 28 33 3A 72 73 61 28
31 3A 73 32 35 36 3A 52 A8 1C AC FA 1E 95 57 05 89 78 CA 7A 65 78 AF D3 95 67
07 45 DE 63 7D C8 AD A9 9E CD C0 75 59 55 13 B5 B5 C4 F8 81 68 BA D2 91 25 49
2E 84 E2 6D 87 1D 96 E0 A5 89 C6 80 34 74 CB D0 F3 BF 00 3A 47 A0 FE BF A0 0F
9C 78 93 2A 94 FF 94 CD B7 BB 14 26 D9 35 10 24 59 2E 39 3E F0 CB 52 F8 B1 26
EC D3 80 1D 94 83 70 21 60 8D 70 90 C2 57 7F E4 48 62 F8 8D F3 3D F7 AD C3 EC
F6 AF 63 E4 17 FB B8 A6 63 F4 A8 6A 2B 7F 48 83 D7 79 E7 AC 53 5B 2B D2 EB 4F
9F 3B DA 36 D2 CA 4D 5D AA FD 05 16 BD 2C 37 71 95 86 34 EA 8E D1 6A 61 87 18
5A EA 35 C6 B3 0E B8 08 6A E0 D5 95 37 98 BC A8 4F 7C EE 42 3C B7 B4 DD 37 C0
1C EA 45 37 03 03 20 AF 1C 14 CA 62 60 11 CA FD 7B 06 05 02 37 55 F9 18 6E 8F
5B C6 0E 5A C3 B4 E9 7A BF 38 A9 D8 90 D0 4F 89 DF 67 41 A5 86 5E C5 8F A2 AF
B3 FF 74 29 29 28 34 3A 68 61 73 68 36 3A 73 68 61 32 35 36 29 29
gpgsm: DBG: encoded hash: 00 01 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF 00 30 31 30 0D 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 31 FB
01 7E 8E CA 59 1E EE 26 5F 91 5C F3 12 E5 0D 10 9F 61 D3 4E 33 E3 62 9B 4F 4D
36 83 09 2D
DBG: rsa_verify
data:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffff003031300d06096086480165030402010500042031 \
DBG:
fb017e8eca591eee265f915cf312e50d109f61d34e33e3629b4f4d3683092d
DBG: rsa_verify
sig:+52a81cacfa1e9557058978ca7a6578afd395670745de637dc8ada99ecdc07559 \
DBG:
5513b5b5c4f88168bad29125492e84e26d871d96e0a589c6803474cbd0f3bf00 \
DBG:
3a47a0febfa00f9c78932a94ff94cdb7bb1426d9351024592e393ef0cb52f8b1 \
DBG:
26ecd3801d94837021608d7090c2577fe44862f88df33df7adc3ecf6af63e417 \
DBG:
fbb8a663f4a86a2b7f4883d779e7ac535b2bd2eb4f9f3bda36d2ca4d5daafd05 \
DBG:
16bd2c3771958634ea8ed16a6187185aea35c6b30eb8086ae0d5953798bca84f \
DBG:
7cee423cb7b4dd37c01cea4537030320af1c14ca626011cafd7b0605023755f9 \
DBG:
186e8f5bc60e5ac3b4e97abf38a9d890d04f89df6741a5865ec58fa2afb3ff74
DBG: rsa_verify
n:+89b10dda7a53194e70521dbc56a60626b7b849e096e751abf1f05a134915a3b4 \
DBG:
8c1b60bc7a5142a7798ca422df17614e91d576230a14d34a027fb61d09806ea5 \
DBG:
043dd9babb16fea187a92e435243167caf3250c8a64f5ae908d8cf93259c7b88 \
DBG:
e83064e6a4f85680fd2a2414331799ac44e5698ba346064bc233d4e9409f06b0 \
DBG:
b1ac9340b9b508933a9c2a53a310db3d20613c55038ed94e7625022129faa37c \
DBG:
71764feee15f81e9fb5480dbc37b3552b784de223d2c302d317f59bd5237b033 \
DBG:
692d43ebfad6a5f1977767518cd9ee27ebbca50738768ca4a938ffdf8cf503ac \
DBG:
49becaf773993a0f32ab9c953a133d0e463a57746150bec6403fcbe4e29fa221
DBG: rsa_verify e:+010001
DBG: rsa_verify
cmp:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffff003031300d06096086480165030402010500042031 \
DBG:
fb017e8eca591eee265f915cf312e50d109f61d34e33e3629b4f4d3683092d
DBG: rsa_verify => Good
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: DBG: chan_0x000001c0 -> ISVALID
685A02B9E2BD4B5EE1FA51739B8882AEA38FB3C8.3FAADAD7DD3F946B114321153B76F88C
gpgsm: DBG: chan_0x000001c0 <- INQUIRE SENDCERT
gpgsm: DBG: chan_000001C0 -> [ 44 20 30 82 05 3b 30 82 04 23 a0 03 02 01 02 02
...(982 byte(s) skipped) ]
gpgsm: DBG: chan_000001C0 -> [ 44 20 74 69 6f 6e 61 6e 64 53 65 63 75 72 65 45
...(361 byte(s) skipped) ]
gpgsm: DBG: chan_0x000001c0 -> END
gpgsm: DBG: chan_0x000001c0 <- INQUIRE ISTRUSTED
02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_0x000001e8 -> ISTRUSTED
02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_0x000001e8 <- S TRUSTLISTFLAG relax
gpgsm: DBG: chan_0x000001e8 <- OK
gpgsm: DBG: chan_0x000001c0 -> D 1
gpgsm: DBG: chan_0x000001c0 -> END
gpgsm: DBG: chan_0x000001c0 <- ERR 167772255 No CRL known <Dirmngr>
lford/ST=Greater Manchester/C=GB
Subject: /EMail=u...@domain.com
aka: u...@domain.com
validity: 2017-01-02 00:00:00 through 2018-01-02 23:59:59
key type: 2048 bit RSA
key usage: digitalSignature keyEncipherment
ext key usage: emailProtection (suggested), 1.3.6.1.4.1.6449.1.3.5.2 (suggested)
policies: 1.3.6.1.4.1.6449.1.2.1.1.1:N:
fingerprint: 4A:53:A9:E6:51:32:23:DF:B4:7D:B8:A3:19:F1:3E:A3:2F:59:00:E9
[Note: non-critical certificate policy not allowed]
[no CRL gpgsm: DBG: looking for parent certificate
gpgsm: DBG: found via authid and keyid
gpgsm: DBG: got issuer's certificate:
gpgsm: DBG: BEGIN Certificate 'issuer':
gpgsm: DBG: serial: 01
gpgsm: DBG: notBefore: 2000-05-30 10:48:38
gpgsm: DBG: notAfter: 2020-05-30 10:48:38
gpgsm: DBG: issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP
Network,O=AddTrust AB,C=SE
gpgsm: DBG: subject: CN=AddTrust External CA Root,OU=AddTrust External TTP
Network,O=AddTrust AB,C=SE
gpgsm: DBG: hash algo: 1.2.840.113549.1.1.5
gpgsm: DBG: SHA1 Fingerprint:
02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
gpgsm: DBG: END Certificate
gpgsm: DBG: signature value: 28 37 3A 73 69 67 2D 76 61 6C 28 33 3A 72 73 61 28
31 3A 73 32 35 36 3A 1B 2A 6E AC 55 C1 3A AB 88 C5 D8 ED CD 55 F3 AA 6B 61 2B
C0 09 10 23 99 0F C5 66 6A 6F B1 F5 B4 B5 77 5E 0F 02 61 00 DF 7D 05 FE 12 B3
A4 80 80 00 FC FB 1D 5B 6A 72 02 0A 41 BC 05 BA C1 58 D5 26 C2 EA D5 4D 84 FB
FE 82 98 CF 58 1B E3 22 63 9C 52 F8 BB 05 36 AB 7D 58 A5 DE AB 3B 63 E5 DA D5
73 EF EC E0 FB 7B E2 A3 FF F0 42 23 9C CA B6 8D 4D 3E E4 4B 18 03 B2 A8 2D D4
D8 BB 42 4B 90 69 85 10 DB A6 37 34 E8 7B E0 01 10 A5 9C CA 3A C7 9F 4F 88 34
6E 8A 65 D0 1A 8A BB A9 DC CA CA 36 D1 F4 FC C2 64 29 35 AF D6 B1 A7 71 11 D2
03 43 B1 8F 3E 9A EC 9E 32 53 F4 76 92 CA 86 34 07 B9 2C CA E6 1C 4A D8 99 0D
C1 86 E2 90 92 FB 5A 42 6A 23 21 10 E9 65 C7 F5 D5 BB 7E EA 8C 85 20 02 62 EA
D1 3A 07 2C 59 C5 99 33 F2 38 89 E5 B6 E9 16 7A 1F 79 14 F6 4A 10 1A 26 FA 7C
8A FB 9B 29 29 28 34 3A 68 61 73 68 36 3A 73 68 61 32 35 36 29 29
gpgsm: DBG: encoded hash: 00 01 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF 00 30 31 30 0D 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 69 72
4F 59 E4 41 04 2E 57 84 2A 9B 9E 78 AA 7D E9 9A 55 53 22 C1 A0 55 20 ED A0 F0
B0 3E 00 8A
DBG: rsa_verify
data:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffff003031300d06096086480165030402010500042069 \
DBG:
724f59e441042e57842a9b9e78aa7de99a555322c1a05520eda0f0b03e008a
DBG: rsa_verify
sig:+1b2a6eac55c13aab88c5d8edcd55f3aa6b612bc0091023990fc5666a6fb1f5b4 \
DBG:
b5775e0f026100df7d05fe12b3a4808000fcfb1d5b6a72020a41bc05bac158d5 \
DBG:
26c2ead54d84fbfe8298cf581be322639c52f8bb0536ab7d58a5deab3b63e5da \
DBG:
d573efece0fb7be2a3fff042239ccab68d4d3ee44b1803b2a82dd4d8bb424b90 \
DBG:
698510dba63734e87be00110a59cca3ac79f4f88346e8a65d01a8abba9dccaca \
DBG:
36d1f4fcc2642935afd6b1a77111d20343b18f3e9aec9e3253f47692ca863407 \
DBG:
b92ccae61c4ad8990dc186e29092fb5a426a232110e965c7f5d5bb7eea8c8520 \
DBG:
0262ead13a072c59c59933f23889e5b6e9167a1f7914f64a101a26fa7c8afb9b
DBG: rsa_verify
n:+b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c \
DBG:
7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8ca \
DBG:
bf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c \
DBG:
0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38 \
DBG:
078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44 \
DBG:
e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db \
DBG:
14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7 \
DBG:
a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a27
DBG: rsa_verify e:+010001
DBG: rsa_verify
cmp:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
DBG:
ffffffffffffffffffffff003031300d06096086480165030402010500042069 \
DBG:
724f59e441042e57842a9b9e78aa7de99a555322c1a05520eda0f0b03e008a
DBG: rsa_verify => Good
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: DBG: chan_0x000001c0 -> ISVALID
14673DA5792E145E9FA1425F9EF3BFC1C4B4957C.00E023CB1512835389AD616E7A54676B21
gpgsm: DBG: chan_0x000001c0 <- INQUIRE ISTRUSTED
02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_0x000001e8 -> ISTRUSTED
02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_0x000001e8 <- S TRUSTLISTFLAG relax
gpgsm: DBG: chan_0x000001e8 <- OK
gpgsm: DBG: chan_0x000001c0 -> D 1
gpgsm: DBG: chan_0x000001c0 -> END
gpgsm: DBG: chan_0x000001c0 <- OK
gpgsm: DBG: chan_0x000001e8 -> ISTRUSTED
02FAF3E291435468607857694DF5E45B68851868
gpgsm: DBG: chan_0x000001e8 <- S TRUSTLISTFLAG relax
gpgsm: DBG: chan_0x000001e8 <- OK
found for certificate]
[Note: non-critical certificate policy not allowed]
[validation model used: shell]
[certificate is bad: No CRL known]
random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
outmix=0 getlvl1=0/0 getlvl2=0/0
secmem usage: 0/16384 bytes in 0 blocks
C:\Users\dave\Downloads>
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
